1.18. cryptsetup-luks

An updated cryptsetup-luks package that fixes various bugs is now available for Red Hat Enterprise Linux 5.

The cryptsetup-luks package provides a utility for setting up encrypted file systems using Device Mapper and the dm-crypt target.

This updated cryptsetup-luks package includes fixes for the following bugs:

* When executing the "cryptsetup luksOpen" command on an encrypted disk device formatted with an older version of cryptsetup, the following message appeared: "automatic header conversion from 0.99 to 0.991 triggered". Consequently, the device became unresponsive at every attempt to open it. The older version of cryptsetup converted the master key iteration count incorrectly, which has been fixed and the device hangs no longer. (BZ#583431)

* The cryptsetup utility became unresponsive when using the "cryptsetup isLuks" command on an ordinary file. This problem has been fixed: if running the command on an ordinary file, the cryptsetup utility informs users about the file not being a LUKS partition. (BZ#622712)

* Previously, the cryptsetup utility could have terminated unexpectedly when the key size was larger than 256 bits. The cryptsetup utility now properly supports keys longer than 256 bits, fixing the problem. (BZ#678011, BZ#684616)

* When removing a key from the key slot by running the "cryptsetup luksDelKey" command, only the key slot itself was cleared but the salt and iteration count remained in the key slot header. All additional information is now cleared as well. (BZ#697815)

All users of cryptsetup-luks are advised to upgrade to this updated package, which resolves these bugs.